Today, many businesses must deal with increasing numbers of information privacy and information security related regulations, rules and controls. Risk of failing to deal with security issues, like other operational risk, is often placed on the board of directors or other executives of an institution or organization. In addition, the ease with which the Internet can be accessed and used from a personal computer has led even greater concerns that “hackers” and other nefarious individuals may access an enterprise's computer systems and compromise information security and/or privacy. Thus, there is an increasing need to provide for comprehensive governance of the security of an enterprise's information systems. For very large and geographically diverse organizations, this requirement can create significant challenges and cause significant resource expenditure, especially if individual computer resources or groups of computing resources must be separately monitored.